package com.example.auth;

import io.vertx.core.AsyncResult;
import io.vertx.core.Future;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.auth.User;
import io.vertx.ext.auth.authorization.Authorization;
import io.vertx.ext.auth.authorization.PermissionBasedAuthorization;
import waffle.windows.auth.IWindowsIdentity;

public class WaffleUser implements User {

    private final IWindowsIdentity identity;

    public WaffleUser(IWindowsIdentity identity) {
        this.identity = identity;
    }

    @Override
    public User isAuthorized(Authorization authorization, Handler<AsyncResult<Boolean>> resultHandler) {
        // For simplicity, this example considers any authenticated user as authorized.
        // A real application should check against specific permissions or roles.
        if (authorization instanceof PermissionBasedAuthorization) {
            PermissionBasedAuthorization pba = (PermissionBasedAuthorization) authorization;
            // Here you could check pba.getPermission() against the user's groups
            // IWindowsIdentity.getGroups()
        }
        resultHandler.handle(Future.succeededFuture(true));
        return this;
    }

    @Override
    public User clearCache() {
        // No cache to clear
        return this;
    }

    @Override
    public JsonObject principal() {
        return new JsonObject().put("username", identity.getFqn());
    }

    @Override
    public void setAuthProvider(io.vertx.ext.auth.AuthProvider authProvider) {
        // Not needed
    }

    @Override
    public JsonObject attributes() {
        return new JsonObject();
    }

    @Override
    public User merge(User other) {
        return this;
    }
}